Auto-Update: 2024-09-28T10:00:17.565544+00:00

cad-safe-bot 2024-09-28 10:03:18 +00:00
parent 57a81d1612
commit 6716aabeb2
4 changed files with 224 additions and 26 deletions


@ -0,0 +1,64 @@
{
"id": "CVE-2024-8712",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-09-28T09:15:02.167",
"lastModified": "2024-09-28T09:15:02.167",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The GTM Server Side plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 2.1.19. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/gtm-server-side/tags/2.1.19/templates/class-gtm-server-side-admin.php#L30",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3158847/gtm-server-side/tags/2.1.20/templates/class-gtm-server-side-admin.php",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/28f77d5a-fc17-4e17-85b9-4e6f66dbf2c7?source=cve",
"source": "security@wordfence.com"
}
]
}


@ -0,0 +1,141 @@
{
"id": "CVE-2024-9296",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-09-28T09:15:02.600",
"lastModified": "2024-09-28T09:15:02.600",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in SourceCodester Advocate Office Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /control/forgot_pass.php. The manipulation of the argument username leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"vulnerableSystemConfidentiality": "LOW",
"vulnerableSystemIntegrity": "LOW",
"vulnerableSystemAvailability": "LOW",
"subsequentSystemConfidentiality": "NONE",
"subsequentSystemIntegrity": "NONE",
"subsequentSystemAvailability": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED",
"baseScore": 6.9,
"baseSeverity": "MEDIUM"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5
},
"baseSeverity": "HIGH",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://github.com/para-paradise/webray.com.cn/blob/main/Advocate%20office%20management%20system/Advocate%20office%20management%20system%20forgot_pass.php%20time-based%20SQL%20Injection%20Vulnerability.md",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.278790",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.278790",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.412461",
"source": "cna@vuldb.com"
},
{
"url": "https://www.sourcecodester.com/",
"source": "cna@vuldb.com"
}
]
}


@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2024-09-28T08:00:16.756926+00:00
2024-09-28T10:00:17.565544+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2024-09-28T07:15:04.123000+00:00
2024-09-28T09:15:02.600000+00:00
```
### Last Data Feed Release
@ -33,24 +33,15 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
264088
264090
```
### CVEs added in the last Commit
Recently added CVEs: `11`
Recently added CVEs: `2`
- [CVE-2024-23923](CVE-2024/CVE-2024-239xx/CVE-2024-23923.json) (`2024-09-28T07:15:02.440`)
- [CVE-2024-23924](CVE-2024/CVE-2024-239xx/CVE-2024-23924.json) (`2024-09-28T07:15:02.790`)
- [CVE-2024-23935](CVE-2024/CVE-2024-239xx/CVE-2024-23935.json) (`2024-09-28T07:15:02.997`)
- [CVE-2024-23938](CVE-2024/CVE-2024-239xx/CVE-2024-23938.json) (`2024-09-28T06:15:02.200`)
- [CVE-2024-23957](CVE-2024/CVE-2024-239xx/CVE-2024-23957.json) (`2024-09-28T06:15:02.787`)
- [CVE-2024-23958](CVE-2024/CVE-2024-239xx/CVE-2024-23958.json) (`2024-09-28T07:15:03.183`)
- [CVE-2024-23959](CVE-2024/CVE-2024-239xx/CVE-2024-23959.json) (`2024-09-28T07:15:03.367`)
- [CVE-2024-23960](CVE-2024/CVE-2024-239xx/CVE-2024-23960.json) (`2024-09-28T07:15:03.550`)
- [CVE-2024-23961](CVE-2024/CVE-2024-239xx/CVE-2024-23961.json) (`2024-09-28T07:15:03.740`)
- [CVE-2024-23967](CVE-2024/CVE-2024-239xx/CVE-2024-23967.json) (`2024-09-28T07:15:03.937`)
- [CVE-2024-9295](CVE-2024/CVE-2024-92xx/CVE-2024-9295.json) (`2024-09-28T07:15:04.123`)
- [CVE-2024-8712](CVE-2024/CVE-2024-87xx/CVE-2024-8712.json) (`2024-09-28T09:15:02.167`)
- [CVE-2024-9296](CVE-2024/CVE-2024-92xx/CVE-2024-9296.json) (`2024-09-28T09:15:02.600`)
### CVEs modified in the last Commit


@ -245866,13 +245866,13 @@ CVE-2024-23916,0,0,5077cd24018e805b075cf41f1ccac823739f63acd7350dd61dccd4ccae773
CVE-2024-23917,0,0,f3236f3886ac3a298029762564187aed866f84d01e9365abb654a21b0d966829,2024-02-09T01:05:22.180000
CVE-2024-2392,0,0,a1f238224b889878ea8101bb03eb85f7363cbe3f032b78dbb59584257d093c6d,2024-03-22T12:45:36.130000
CVE-2024-23922,0,0,288cd2c46a3e75a5e0ef35cc35e0f6530d4d6b67a2eb2b42fa02b67f3d5649f8,2024-09-26T13:32:55.343000
CVE-2024-23923,1,1,018ef5fcdc300723cc2e14dae15017b4a930053d99c9fd577ac55b06f0be1909,2024-09-28T07:15:02.440000
CVE-2024-23924,1,1,fb697cc01f0647d1e21deb85e2308042905d41cb886de08cb4a4c797a6686033,2024-09-28T07:15:02.790000
CVE-2024-23923,0,0,018ef5fcdc300723cc2e14dae15017b4a930053d99c9fd577ac55b06f0be1909,2024-09-28T07:15:02.440000
CVE-2024-23924,0,0,fb697cc01f0647d1e21deb85e2308042905d41cb886de08cb4a4c797a6686033,2024-09-28T07:15:02.790000
CVE-2024-2393,0,0,df74eedb2cf97a7cc02bf0873514b7acec290c6b3a77795cc7def5200bf6c3d3,2024-05-17T02:38:12.530000
CVE-2024-23933,0,0,01d625badee588d8b28d0d0fbf55d2f47d0b150143df0e8338ce37487a8f0580,2024-09-26T13:32:55.343000
CVE-2024-23934,0,0,61cba64dd7d447d31e2c1c1cee321294df02a41fb555e62b1a346e8bb423690c,2024-09-26T13:32:55.343000
CVE-2024-23935,1,1,9cfbd19dce3c7f3d17422ef8161abd59a134553512dbcc0c875da949d881f04b,2024-09-28T07:15:02.997000
CVE-2024-23938,1,1,d8c7a959dc5a0629d9048ef2f2c4ba4766c3b1bb0c0a6e0dacc9099fa012bc21,2024-09-28T06:15:02.200000
CVE-2024-23935,0,0,9cfbd19dce3c7f3d17422ef8161abd59a134553512dbcc0c875da949d881f04b,2024-09-28T07:15:02.997000
CVE-2024-23938,0,0,d8c7a959dc5a0629d9048ef2f2c4ba4766c3b1bb0c0a6e0dacc9099fa012bc21,2024-09-28T06:15:02.200000
CVE-2024-2394,0,0,601af7bb68f57fdb63dc28b1a3be4e92facb0bb452d0b42ad5d6937b933c3deb,2024-05-17T02:38:12.620000
CVE-2024-23940,0,0,1c0bdede0fd3b02e7f9ad21f2aa27ec6ae45825d094730a07bddf507f926c4e8,2024-02-06T19:19:33.920000
CVE-2024-23941,0,0,9709bab66e0af4d3dc69e9a86a5316f0273a5a15f2aac5ab4098dcbc1f12f8f7,2024-02-06T21:37:12.433000
@ -245885,12 +245885,12 @@ CVE-2024-2395,0,0,37ecce73517ecefe68574d74e2265f3d2a49c15c536980e217743e28f1db87
CVE-2024-23950,0,0,25847234553a7a7aa3af838a477d7b6f4a5c35ccd2e774f811d68e8ce720445a,2024-06-10T17:16:19.833000
CVE-2024-23951,0,0,14a64f857e19fa20b9d905d154185c191d80e1c0b6ed53dd9050b70f076dc813,2024-06-10T17:16:19.930000
CVE-2024-23952,0,0,34c7e2d5919ffb2785317596bbeb44591446a81e60ca69df2cdc3c3c37179a86,2024-02-14T14:16:07.460000
CVE-2024-23957,1,1,37a91ce79040106532d239390ae444b6332819b7e9f72cf65c63091df80b24de,2024-09-28T06:15:02.787000
CVE-2024-23958,1,1,cae83859b27785e2bbae1d2b2ec6953f20791a55cf2974554a466cdfbb519ee7,2024-09-28T07:15:03.183000
CVE-2024-23959,1,1,c8308e13450d2238caf0d7b06734770079188f9a2ef38eb64ae23ee6e678a522,2024-09-28T07:15:03.367000
CVE-2024-23960,1,1,fda5fbb384c44cfd892f3a255575c7cf6ce4c2641fb844129ac1686dd7735a55,2024-09-28T07:15:03.550000
CVE-2024-23961,1,1,774760d9234af4b9b92feb77a30beda5760511ad18696f76b2ebaa44aee95b0e,2024-09-28T07:15:03.740000
CVE-2024-23967,1,1,2bcd51c846821f9a9259d670019f976da6ff4d771498869c33d238e656bb6765,2024-09-28T07:15:03.937000
CVE-2024-23957,0,0,37a91ce79040106532d239390ae444b6332819b7e9f72cf65c63091df80b24de,2024-09-28T06:15:02.787000
CVE-2024-23958,0,0,cae83859b27785e2bbae1d2b2ec6953f20791a55cf2974554a466cdfbb519ee7,2024-09-28T07:15:03.183000
CVE-2024-23959,0,0,c8308e13450d2238caf0d7b06734770079188f9a2ef38eb64ae23ee6e678a522,2024-09-28T07:15:03.367000
CVE-2024-23960,0,0,fda5fbb384c44cfd892f3a255575c7cf6ce4c2641fb844129ac1686dd7735a55,2024-09-28T07:15:03.550000
CVE-2024-23961,0,0,774760d9234af4b9b92feb77a30beda5760511ad18696f76b2ebaa44aee95b0e,2024-09-28T07:15:03.740000
CVE-2024-23967,0,0,2bcd51c846821f9a9259d670019f976da6ff4d771498869c33d238e656bb6765,2024-09-28T07:15:03.937000
CVE-2024-2397,0,0,00747e677ac07569e47a4b44c68849d40056dfcd1ae374307286b3eb2379c47d,2024-06-10T17:16:25.180000
CVE-2024-23972,0,0,828a337376a97e45b1a3d6fb92449e5bfc2bd8dd2b86628021713c0c44f1d02e,2024-09-26T13:32:55.343000
CVE-2024-23974,0,0,c245074da43acd228fb7b61c7f93435155d38dc53924647c7bf42e3ed476242f,2024-08-14T17:49:14.177000
@ -263885,6 +263885,7 @@ CVE-2024-8708,0,0,661e441f732f7c590146c851caa19d4b9d733a437db35f14f249fe50618d2c
CVE-2024-8709,0,0,c4b78e9440da9a95da6880cb2eb594efc3dc26da0951b28cab597493ad1bb06a,2024-09-13T16:27:21.273000
CVE-2024-8710,0,0,4c5169ef585cdb335030b939d5748b4dbbc0a0ee6166dc565231ca1259e5b90c,2024-09-13T16:25:47.510000
CVE-2024-8711,0,0,0a0fc486d277b8c36cfb49b6365925dae98dcfc88dd0e7309623a05e1f41ecb4,2024-09-13T16:18:15.670000
CVE-2024-8712,1,1,50c8b955b867e54c67f097c66622da6de593bdb6b5d7888352e6bc40f5c29004,2024-09-28T09:15:02.167000
CVE-2024-8713,0,0,77e6eb32497c4838ab6eff0729860dc19e9280431833bec790cbdd0c191045a7,2024-09-26T13:32:02.803000
CVE-2024-8714,0,0,2bf1d2039d26904f97b1e8fc522abe5916905f0e0d26ed18e01afb2d802fce13,2024-09-26T20:06:46.330000
CVE-2024-8715,0,0,5dd80a9e377e26833109e36a9f853397f40930511fcbb10d79b8fb2a0b5afb14,2024-09-28T03:15:02.330000
@ -264085,5 +264086,6 @@ CVE-2024-9284,0,0,a3f6be1f322902c2dd706322ffd372bfbe9b47cbadedd7cc30aad50104d2b0
CVE-2024-9291,0,0,cb57967e7b1c1e3b6bbd39bdcccb61b556906a24da36a7110dece4902c704d59,2024-09-27T21:15:03.667000
CVE-2024-9293,0,0,58d1b3c8bf6371fb336102f333c7989d6dbbcc39b37756484826d43b383204c0,2024-09-27T21:15:03.937000
CVE-2024-9294,0,0,ecc4d06c597aa37fc99c049d1c5765db52fd8734fa53dc2d290464be84fc4820,2024-09-27T22:15:13.363000
CVE-2024-9295,1,1,2059e80eecdba7e0e8296ba30a6d99f30eadea57334392b722bd6631f9d60107,2024-09-28T07:15:04.123000
CVE-2024-9295,0,0,2059e80eecdba7e0e8296ba30a6d99f30eadea57334392b722bd6631f9d60107,2024-09-28T07:15:04.123000
CVE-2024-9296,1,1,dded0f6e9e44e64bc57cf92e6d2ef3c1cf85d250453ac5cec64d525a4c889bac,2024-09-28T09:15:02.600000
CVE-2024-9301,0,0,f7d62ae99cd0d6877c5db63fcb4f2c0f8f043fbb8339f25415912b7f29acecf1,2024-09-27T18:15:06.163000
